With recent celebrity deaths, spammers are shifting strategies in hopes of cashing in on the misfortunes of others. Although several celebrities have passed away in the last few weeks, pop star Michael Jackson's death is driving the greatest spam volume.
Less than eight hours after Jackson's untimely death, Sophos began to intercept spam campaigns using the singer's name. Sophos also discovered cybercriminals taking advantage of 1970s TV icon Farrah Fawcett's death to spread fake antivirus software.
Mass Mailing Worms
Since then, Sophos reports large volumes of more spam, malware and other scams. For example, Sophos reports a mass-mailing worm that spams out messages with subject lines such as "Remembering Michael Jackson" with an attached file called "Michael songs and pictures.zip."
The e-mail, which claims to come from email@example.com, says the attached ZIP file contains secret songs and photos of Michael Jackson. However, the reality is that opening the attachment exposes recipients to infection -- and if a computer is victimized, it spreads the worm to other Internet users.
Attackers have also set up a bogus Italian YouTube site link in an e-mail. When users click on the e-mail they get an error message indicating a Flash player upgrade is required in order to view the video. The download link ushers the victim to a fake codec that downloads a Trojan.
Exploiting Human Misery
How does the rash of celebrity deaths compare with other major world events? It's not at all unusual for the bad guys to try and take advantage of big international news stories in their attempts to infect computers and steal money, according to Graham Cluley, a senior security consultant at Sophos.
Cluley points to hackers in the past taking advantage of the death of the pope, the incarceration of Saddam Hussein, the death of kung-fu actor David Carradine, a Concorde crash in Paris, shootings at American universities, and terror bombings in London.
"What's clear is that cybercriminals have no qualms about taking advantage of human misery, and they understand that many people are so eager to get the latest news via the Net that they may not exercise enough caution when clicking on links and opening attachments," Cluley said. "It's up to users to be vigilant, and think carefully about what they're doing rather than putting themselves and their company's data at risk."
Shifting Spam Strategies
Noteworthy is the fact that Independence Day in the United States typically breeds spam. But Symantec is reporting spammers seem less passionate about spawning Independence Day spam this year. The probable reason for this neutrality could be the spam spike related to the death of Jackson.
Symantec warns of spam with subject lines related to any of these deaths trying to peddle fake medicines, fake antivirus software, and fake codecs. The security firm also warns of Twitter tweets about the deaths with links to malicious Web sites, social-networking site messages that could link to malware, and links to fake videos that attempt to infect users with malware.
"The Internet has gone wild since Michael Jackson, the 'King of Pop,' was reported dead on June 25," said Symantec's Vivian Ho. "We expect that spam and malware will keep coming in, given Michael Jackson's popularity and following. Recipients should be extra cautious about messages that appear to be related to Jackson's death, especially any e-mail that comes from an unknown or unexpected source."